As Colorado revisits its landmark AI law, a new framework signals how states may regulate AI going forward. Colorado made national headlines in 2024 when it passed one of the first comprehensive AI laws in the United States, targeting “high-risk” systems used in consequential decisions like hiring, housing, healthcare, and lending.

Now, just months before that law is set to take effect, the state is reconsidering its approach.

A newly formed AI policy working group has released recommendations aimed at reshaping how the law is implemented highlighting a broader shift toward balancing consumer protection with innovation.

Why Colorado Is Reworking Its AI Law

The original Colorado AI Act was ambitious. It imposed:

• A duty of reasonable care on both developers and deployers

• Obligations to prevent algorithmic discrimination

• Requirements for risk assessments, disclosures, and consumer rights

While groundbreaking, the law quickly faced pushback from:

• Businesses concerned about compliance burdens

• Policymakers worried about overbreadth

• Industry groups warning it could stifle innovation

As a result, lawmakers delayed implementation to June 2026 to allow time for revisions and stakeholder input.

The working group’s recommendations are the latest step in that recalibration.

Key Recommendations from the AI Policy Group

The proposed framework focuses on clarifying roles, improving transparency, and allocating liability more precisely.

1. Clearer Obligations for Developers

AI developers would be required to provide deployers (businesses using AI) with meaningful information about their systems, including:

• Intended use cases

• Training data categories

• Known limitations and risks

• Guidance on monitoring and oversight

This reflects a shift toward shared accountability, rather than placing the burden solely on end users.

2. Transparency to Consumers

Entities using AI to make consequential decisions would need to:

• Clearly disclose when AI is involved

• Explain, in plain language, the role AI played in the decision

• Provide “clear and conspicuous” notice to affected individuals

This aligns with a growing global trend:
AI regulation is increasingly centered on explainability and user awareness.

3. Meaningful Human Review

The recommendations emphasize the importance of human oversight, particularly in high-stakes contexts.

Where applicable, organizations would need to ensure:

• Human review of AI-driven decisions

• Mechanisms for oversight and intervention

This is consistent with broader regulatory approaches including the EU AI Act, where human-in-the-loop systems are a key safeguard.

4. More Nuanced Liability Framework

One of the most contentious issues, liability is addressed directly.

The working group recommends assigning responsibility based on:

• The role of the developer

• The role of the deployer

• The specific cause of harm

Rather than a blanket rule, liability would be contextual and proportional.

A Broader Policy Shift: From Strict Rules to Flexible Frameworks

These recommendations signal a meaningful pivot in how AI regulation may evolve not just in Colorado, but nationally.

From “One-Size-Fits-All” to Risk-Based Regulation

The original law focused broadly on “high-risk AI systems.”

The revised approach moves toward:

• More targeted obligations

• Context-specific requirements

• Flexibility based on real-world use cases

This reflects a growing recognition that AI is not a single technology but a spectrum of tools with varying levels of risk.

From Developer vs. Deployer to Shared Responsibility

Earlier frameworks often struggled with a central question:

Who is responsible when AI causes harm?

Colorado’s updated approach suggests the answer is:

• Both, but in different ways

Developers must build responsibly.Deployers must use responsibly and liability flows accordingly.

From Static Rules to Iterative Governance

The need to revisit the law before it even takes effect highlights a key reality:

AI regulation is not a one-time legislative event, it is an ongoing process.

Colorado is effectively testing:

• How quickly laws can adapt to evolving technology

• Whether states can regulate AI without overcorrecting

• How to balance innovation with accountability

What This Means for Businesses and Founders

For companies building or deploying AI, the direction is becoming clearer:

1. Documentation Will Be Critical

Expect increasing expectations around:

• Model documentation

• Risk assessments

• Internal governance frameworks

2. Transparency Is No Longer Optional

Organizations will need to:

• Clearly communicate AI use

• Explain decisions in understandable terms

• Build trust with users and regulators

3. Compliance Will Be Collaborative

Legal and compliance teams will need to work across:

• Engineering

• Product

• Data science

AI governance is becoming a cross-functional responsibility.

4. State-Level Regulation Is Here to Stay

Even with federal discussions ongoing, states like Colorado are actively shaping the regulatory landscape.

This creates:

• Fragmentation risks

• But also opportunities to influence emerging standards

Conclusion

Colorado’s latest AI policy recommendations highlight a critical inflection point in the evolution of AI regulation.

The state is moving away from a rigid, all-encompassing framework toward a more balanced and adaptive model, one that still prioritizes consumer protection, but recognizes the practical realities of building and deploying AI systems.

At its core, this shift reflects a broader truth: regulating AI is not simply about controlling risk, it is about designing systems of accountability that can evolve alongside the technology itself.

As Colorado refines its approach, it is effectively serving as a testing ground for the rest of the United States. The outcomes here, what works, what doesn’t, and what gets adjusted will likely influence how other states and federal regulators approach AI governance in the years ahead.

For businesses, the takeaway is clear:
AI regulation is no longer a distant consideration. It is actively being shaped and those building in this space will need to adapt just as quickly as the rules themselves.

Learn More